#VU85298 Improper Neutralization of Argument Delimiters in a Command in bundler


Published: 2024-01-11

Vulnerability identifier: #VU85298

Vulnerability risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-43809

CWE-ID: CWE-88

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
bundler
Universal components / Libraries / Software for developers

Vendor: Bundler

Description

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability occurs when working with untrusted and apparently harmless `Gemfile` files. A local user can trick the victim into opening a specially crafted directory containing a `Gemfile` that declares a dependency located in a Git repository, and execute arbitrary code on the target system.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

bundler: 0.3.0 - 2.2.32
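
A triage check for the description and version range above, added here as an example (it is not code from Bundler or from this advisory): it tests a Bundler version string against the listed range and lists the Git-sourced dependencies of a `Gemfile` by reading it as text, without evaluating it. The helper names, the sample `Gemfile` and the `example.invalid` URLs are constructed for illustration.

```ruby
require "rubygems" # Gem::Version

# Affected range as listed in this advisory: bundler 0.3.0 - 2.2.32.
VULN_MIN = Gem::Version.new("0.3.0")
VULN_MAX = Gem::Version.new("2.2.32")

# Gemfile options and blocks that pull a dependency from a Git repository.
GIT_OPTION = /(?:\bgit:|:git\s*=>|\bgithub:|:github\s*=>)\s*(["'])(.*?)\1/
GIT_BLOCK  = /^\s*(?:git|github)\s+(["'])(.*?)\1/

# Constructed sample input; the example.invalid URLs are placeholders.
SAMPLE_GEMFILE = <<~'GEMFILE'
  source "https://rubygems.org"
  gem "rake"
  gem "widget", git: "https://git.example.invalid/widget.git"
  # gem "old", git: "https://git.example.invalid/old.git"
  gem "gadget", :git => 'https://git.example.invalid/gadget.git', :branch => "main"
GEMFILE

# True when the version falls inside the advisory's affected range.
def vulnerable_bundler?(version)
  v = Gem::Version.new(version)
  v >= VULN_MIN && v <= VULN_MAX
end

# Reads the Gemfile as text only (it is never evaluated) and returns
# [line_number, source] pairs for every Git-sourced dependency.
def git_sources(gemfile_text)
  gemfile_text.each_line.with_index(1).filter_map do |line, number|
    next if line.lstrip.start_with?("#") # skip commented-out lines
    match = GIT_OPTION.match(line) || GIT_BLOCK.match(line)
    [number, match[2]] if match
  end
end

# Combines both checks into one report for a directory under review.
def review(gemfile_text, bundler_version)
  { vulnerable_bundler: vulnerable_bundler?(bundler_version),
    git_sources: git_sources(gemfile_text) }
end

if $PROGRAM_NAME == __FILE__
  # "2.2.32" is a constructed value; pass Bundler::VERSION on a real host.
  report = review(SAMPLE_GEMFILE, "2.2.32")
  puts "bundler in affected range: #{report[:vulnerable_bundler]}"
  report[:git_sources].each { |n, src| puts "Gemfile:#{n} git source #{src}" }
end
```

A `Gemfile` from an untrusted source that lists Git sources deserves manual review before any `bundle` command is run in its directory with a Bundler version in the affected range.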


External links
http://github.com/rubygems/rubygems/commit/a4f2f8ac17e6ce81c689527a8b6f14381060d95f
http://github.com/rubygems/rubygems/security/advisories/GHSA-fj7f-vq84-fh43
http://github.com/rubygems/rubygems/pull/5142
http://github.com/rubygems/rubygems/commit/0fad1ccfe9dd7a3c5b82c1496df3c2b4842870d3
http://www.sonarsource.com/blog/securing-developer-tools-package-managers/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

